An issue in the getcolor function in utils.py of xhtml2pdf v0.2.13 allows attackers to cause a Regular expression Denial of Service (ReDOS) via supplying a crafted string.
"https://github.com/pypa/advisory-database/blob/main/vulns/xhtml2pdf/PYSEC-2026-2056.yaml"